Incident · curated 27 Jun 2026
First reported 10 Jun 2026
Single-source incident — first reported, latest, and curated coincide.
A Mastro study analyzed 3,084 agent skills across five security scanners and found they disagree on a verdict 63.9% of the time, with 14.2% rated CRITICAL by one scanner and SAFE by another. The piece frames the broader supply-chain risk of AI agent skills—markdown files agents execute with full tool access—citing reported incidents where malicious skills lifted SSH keys, cloud credentials, and crypto wallets, and a fake download counter pushed a dummy skill to #1.
Why it matters
Defenders relying on skill-marketplace scanners and 'green check' badges may be trusting tools that cannot consistently distinguish safe from malicious agent skills, leaving credential-exfiltrating supply-chain attacks undetected.